20 Million Domains at Risk from New Email Spoofing Attacks

Jul 24, 2024 | Podcast

https://www.darkreading.com/threat-intelligence/20-million-trusted-domains-vulnerable-to-email-hosting-exploits Cybersecurity researchers have uncovered a critical vulnerability affecting over 20 million trusted domains, including those belonging to Fortune 500...

Our Assumed Trust in Cyber Security Vendors

Jul 24, 2024 | Articles, Podcast

Imagine you are a security manager being asked to do a security assessment on a new software for your organisation. It will be deployed across all Windows workstations and servers and will operate as a boot start driver in kernel mode, granting it extensive access to...

Massive Data Breach at Australian Prescription Service MediSecure

Jul 23, 2024 | Podcast

https://medisecurenotification.wordpress.com Australian prescription delivery service MediSecure has confirmed a significant data breach affecting approximately 12.9 million customers. The attack, which occurred in April 2024, resulted in the theft of sensitive...

Hackers Capitalize on CrowdStrike Outage with Phishing and Malware Attacks

Jul 22, 2024 | Podcast

https://www.bleepingcomputer.com/news/security/fake-crowdstrike-fixes-target-companies-with-malware-data-wipers In the wake of the major disruption caused by a faulty CrowdStrike update last week, cybercriminals are launching phishing and malware attacks targeting...

Leaked GitHub Token Exposed Python Programming Language to Potential Tampering

Jul 19, 2024 | Podcast

Binary secret scanning helped us prevent (what might have been) the worst supply chain attack you can imagine Researchers at JFrog have identified a critical security lapse that could have allowed attackers to tamper with the core code of the Python programming...

New Ransomware Gang Targets Unpatched Veeam Software

Jul 18, 2024 | Podcast

https://www.group-ib.com/blog/estate-ransomware A new ransomware gang, EstateRansomware, is exploiting a critical vulnerability (CVE-2023-27532) in Veeam backup software to deploy ransomware and extort victims. This vulnerability was patched over a year ago, in March...